Freeradius as a proxy to Windows IAS - reserved characters in shared secret?
Claudiu Filip
claudiu at globtel.ro
Wed Aug 1 12:26:35 CEST 2007
Hi clive,
Wednesday, August 1, 2007, 11:10:41 AM, you wrote:
> 2) If I use a secret key (similar to the one set on the IAS server)
> containing characters such as $\[ then the key is rejected and
Character "Escape from Alcatraz", a classic movie with Clint Eastwood..
Be careful with character escaping and bash cli (always use single
quotes to pass to radtest what you want).
Also avoid ${foo} as a secret
client 127.0.0.1 { secret = "\044{prefix}" }
radtest gigi kent 127.0.0.1 1 '/radiusd' => OK!! ($prefix = /radiusd)
client 127.0.0.1 { secret = "\\testing123" }
radtest gigi kent 127.0.0.1 1 '\testing123' => OK
radtest gigi kent 127.0.0.1 1 "\testing123" => OK (because bash does not expand \t)
radtest gigi kent 127.0.0.1 1 "\\testing123" => OK (because bash expands \\t to \t)
radtest gigi kent 127.0.0.1 1 '\\testing123' => NOT ok
client 127.0.0.1 { secret = "$\[" }
radtest gigi kent 127.0.0.1 1 '$[' => OK
client 127.0.0.1 { secret = "$\\[" }
radtest gigi kent 127.0.0.1 1 '$\[' => OK
Have fun!
Best regards,
Claudiu Filip
@: claudiu at globtel.ro
Http://www.globtel.ro
T:+40344880100
F:+40344880113
More information about the Freeradius-Users
mailing list